ACTION-755: Summarize the issue that may be raised by sessions

The editorial note in 4.1.2 that reads:
"Further discussion is needed on the subject of "session", in which 
consistency of user experience needs to be maintained across a sequence 
of related requests. This affects the proxy decision to transform and 
whether it should alter request headers."

We started talking about that in last call.
The underlying questions would be IMO:
a) are there other parameters that we need to add in the guidelines that 
affect the proxy's decision to transform?
b) are there cases for which consistency of the user experience has to 
be maintained to an extent that CT-directives may be ignored?

I see 3 cases, depending on how we define "session" and "related" requests:

1. They mean resources needed to display a page
The typical use case would be a main page that does not contain any CT 
directive, and a linked CSS style sheet that contains a "Cache-Control: 
no-transform" directive.

We could have something like: "the proxy should make its best to fulfill 
the server's preferences, except when they are inconsistent."
We could even add: "when inconsistency is detected in CT directives 
between related resources, the main page is the one to follow."
I do not think we need to say anything here, actually.

2. They mean all resources for which the CT-proxy substitutes itself to 
the server
Not very clear, let me try to explain that with an example:
  - the user requests a page
  - the CT-proxy rewrites links in the response in the form:
 http://[ct-proxy]/[something that identifies the origin request]
  - each time the user clicks on a rewritten link, same session, related 

There is one thing that may be missing in the guidelines here, but it's 
not entirely related to the topic: we never say that if the CT-proxy 
forwards the request to the origin server in that case, then it must do 
so as if the request came from the client. It's only indirectly 
addressed by the notion that from the origin server's point of view, the 
presence of the CT-proxy should be transparent.

I don't really have answers to a) and b). Anyone knows about that?

3. They mean all resources accessed by the user during a browsing session
For cases not covered by 1. and 2., I'd answer a) and b) by "No".
In terms of content in the guidelines, I would not add/change anything.

Received on Thursday, 15 May 2008 07:52:57 UTC